Embed Size (px)
Citation preview
Incident Handlers
Threat Intelligence Analysts
A Business Information Security Officer (BISO) is a senior security leader assigned to lead a group or business unit’s security policy...
Chief Information Security Officers
SOC ANALYSTs
WHAT IS VENDOR RISK MANAGEMENT (VRM) AND WHY WE NEED THEM?
Third-party services are crucial to every organization...
READ MORE
WHY ORGANIZATIONS NEED STRONG CYBERSECURITY RISK MANAGEMENT CAPABILITIES
With the increase in usage of network and cloud technology...
READ MORE
Blog
BUSINESS INFORMATION SECURITY OFFICER (BISO) – ALL YOU NEED TO KNOW
Blog
Forensic Investigators
Blog
Blog
Blog
READ MORE
In the event of a cybersecurity breach, logs play a crucial role in various activities...
WHAT IS CENTRALIZED LOGGING AND WHY IS IT IMPORTANT?
READ MORE
The rise of cybersecurity threats and the large volume of data involved...
WHAT IS THE ROLE OF A THREAT INTELLIGENCE PLATFORM IN A
SUCCESSFUL SOC?
READ MORE
Data security has always been important for organizations, especially so for business...
WHAT IS SOC 2 TYPE 2 CERTIFICATION?
READ MORE
READ MORE
POPULAR OPEN-SOURCETHREAT INTERLLIGENCE PLATFORMS
Infographics
READ MORE
CYBERSECURITY INCIDENT RESPONSE5 DO’S & DON’TS OF EFFECTIVE INCIDENT RESPONSE
Collect volatile data and other critical artifacts from the
system using forensic tools
Collect external intelligence based on Identi�ed Indicators
of Compromise (IOC)
Secure systems and other media for forensic collection
Gather appropriate logs at both network & end point level
Communicate with potential customers and stakeholders
Panicking makes things worse
Never shut down compromised systems
Never discuss the incident with others unless otherwise directed
Never use domain admin credentials to access the systems environment
Never execute any non-forensic software on compromised systems
READ MORE
Infographics
WHAT ARE THE TOP CLOUD COMPUTING THREATS AND HOW TO AVOID THEM?
READ MORE
An estimated 70% of businesses are using...
DO YOU KNOW HOW TO RESPOND TO AN INSIDER THREAT?
READ MORE
This is the era of technology, competition...
CLOUD INCIDENT RE-SPONSE AND BEST PRACTICES
READ MORE
Most businesses have started moving their...
Blog
Whitepaper
Blog
READ MORE
READ MORE
INCIDENT HANDLING AND RESPONSE FOR BEGINNERS: A STEP-BY-STEP GUIDE
WHAT IS INCIDENT MANAGEMENT? HOW DOES IT HELP?
Computer security incident response systems have not just become a backbone of IT enterprises...
Imagine a scenario where internet connectivity is lost for a day due to a denial of service attack.
Slideshare
READ MORE
6 Most Popular Threat Modeling Methodologies
Blog
READ MORE
PROTECT YOUR SECTOR: THE IMPORTANCE OF THREAT SHARING
Essentially, threat intelligence is the compiled data that can be circulated...
READ MORE
INDICATORS OF COMPROMISE (IOCS)TO WATCH OUT FOR
Infographics
READ MORE
How to become a Digital Forensics Investigator
Slideshare
4 Ways Digital Forensics Helps Solve Cybercrimes
Infographics
READ MORE READ MORE
The beginning of the new financial year is a great time to analyze our biggest strengths and weaknesses on the cybersecurity front. The March Cyber Brief places a special focus on the need for diversity and inclusion in cybersecurity, which also emphasizing on the various new threat areas that need more attention. We hope that this issue will address those questions about cybersecurity that have remained unanswered, until now.
Access EC-Council's Cyber Brief - Feb 2021 here
READ MORE
WHAT ARE THE TYPES OF INCIDENT SECURITY AND HOW CAN YOU MITIGATE SUCH RISKS?
Detecting incident security events as soon as...
Blog
READ MORE
WHAT ARE THE RESPONSIBILITIES OF A SUCCESSFUL INCIDENT RESPONSE TEAM?
There are many risk and threat management...
Blog
READ MORE
HOW TO CREATE A SUCCESSFUL INCIDENT RESPONSE PLAN
The threat landscape is evolving every day...
Blog
WHAT IS A SOC AND HOW DOES A SUCCESSFUL SOC WORK?
The primary function of a Security Operations Center (SOC) is to prevent...
TOP 8 CHALLENGES FOR SOC TEAMS IN 2021
Data protection is a major challenge for organizations working online...
Blog
Blog
Mansi Thapar
IT Leader, Head – Information Security at Jaquar Group
WATCH NOW
HOW TO NAVIGATE YOUR FIRST 90 DAYS AS A CISO
Webinar
WHAT IS IDENTITY AND ACCESS MANAGEMENT (IAM)?
In enterprise IT, Identity and Access Management (IAM) is about identifying and...
REGULATORY COMPLIANCE: HOW TO STAY ON THE RIGHT SIDE OF THE LAW
Every organization faces the key requirement of adhering to government-set guidelines and...
READ MOREREAD MORE
Blog Blog
WHAT IS COMPLIANCE TRAINING? DOES IT REALLY MATTER?
How often have you heard the term compliance training and...
WHAT IS CISO? ROLES, RESPONSIBILITY, CAREER, SALARY AND REQUIREMENT FOR BECOMING CISO
Have you ever wondered what is CISO? What is their Job?...
READ MOREREAD MORE
Blog Blog
Whitepaper
Ancillary PageWhat Is Risk Management?
READ MORE
WHAT IS INCIDENT RESPONSE LIFE CYCLE? EVERYTHING YOU NEED TO KNOW
Incident response is a plan for methodically responding to a cybersecurity incident...
HOW TO USE OSINT TOOLS FOR BETTER INCIDENT RESPONSE
Open-source intelligence (OSINT) is vital to understand incident response in today’s cyber world...
READ MOREREAD MORE
Blog Blog
READ MORE
SlideshareHOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
SKILLS REQUIRED TO BECOME AN INCIDENT RESPONSE ANALYST
Forensic software
eDiscovery tools
System monitoringtools
Backup techniques
Network communication based on IP and TCP,
Cloud computing
Windows, Linux, etc.,
UNIX
READ MORE
SKILL REQUIRED TO BECOME A SUC-CESSFUL INCIDENT RESPONSE ANALYST
Infographics
Ancillary Page
PHASES TO BUILD A ROBUST INCIDENT RESPONSE PLAN
READ MORE
Blog
3 PRIMARY ELEMENTS OF A CYBER-SECURITY OPERATIONS CENTER
READ MORE
With so many headlines talking about the rise of cyber threats, it’s no surprise that organizations are looking to create Cybersecurity Operations Centers
SimplifiedSOC Analyst Roles
EC-Council
ALERTS BY:
IT Dept's
Help Desk (Users)
Security Intelligence Platform
Monitor event logs
TIER 1 ANALYST (Triage)
Basic Investigation andMitigation
Opens tickets, closes falsepositives
Finding nature of threat
TIER 2 ANALYST (Investigation)
Co-ordinate a response toremediate the issue
Mitigation / recommendschanges
Support incident response &looks for Forensic & telemetrydata
TIER 3 ANALYST (Threat Hunting)
Prevention
Mitigation / recommendschanges
Threat Hunting
Counter intelligence
Malware ReverserREAD MORE
Infographics
READ MORE
WHY DO YOU NEED SECURITY OPERATIONS CENTRE FOR HEALTHCARE ORGANIZATIONS?
Infographics
READ MORE
WHY THERE IS A WORKFORCE GAPIN SOC
Infographics
Greater network visibility
Faster incident response
Since a SOC monitors everything that’s going on with the network, most likely via a SIEM, a SOC analyst can investigate whether an anomaly is malicious or not. If it is malicious, they will be able to respond to it accordingly.
Another aspect of greater network visibility is seeing exactly what devices are on the network and their status. If a device has an out of date virus definition or unauthorized software installed, that device can be quarantined until everything is resolved
If a healthcare organization just has anti-virus software installed on every device, an attacker can gain access to the network outside of business hours. This can be done via a multitude of ways, including social engineering and/or an APT. But if a SOC analyst is watching the network 24/7/365, they can react immediately to any kind of threat.
Why need a Security Operation Center for Healthcare Organization
Lack of planningMany organizations lack strategic planning with
respect to cybersecurity. Right steps are not taken to nurture the talent needed for these roles.
The skill and experience debateThere are mixed opinions on the career graph of a SOC team. Many cyber professionals feel that they do not have a well-defined career path as some of
them bank on the prowess of their skills whileanother bunch vouches for hands-on
experiencecoupled with the right certification.
Despite the predominance gained by this domain, enterprises still lack the understanding of proper role mapping in a SOC team. This often leads to dissatisfaction in jobs which ultimately results in a stressful situation.
Lack of understanding of the career graph
The most common and most alarming reason for this skill gap is the lack of training and relevant certifications due to which cybersecurity professionals feel constrained in their growth in an organization.
Improper training
Why there is a workforce gap in SOC?
CYBER THREAT INTELLIGENCE PROFESSIONALS – 4 KEY CAPABILITIES
COMMON INSIDER THREAT MOTIVATIONS
Infographics Infographics
READ MORE READ MORE
CYBER THREAT INTELLIGENCE PROFESSIONAL– 4 KEY CAPABILITIES
Must be able to deal with the different types of threatintelligence strategic threat intelligence, operational threat intelligence, tactical threat intelligence, and technical threat intelligence.
Must have the skill to collect data from IoCs
Possible only when they are aware of the different types of threat intelligence tools, report writing tools, threat modelling tools and methodologies
Must be proficient when collecting data collecting data through the Google Hacking Database and other search engines, web services, website foot printing, DNS interrogation, and other techniques
Must be able to form a report One of the most crucial capabilities is being able to report this found data to management so that appropriate action can be taken.
Financial Gain
ProfessionalRevenge
Personal Gain
EmployeeDiscontent
No Motivation / Carelessness
ProfessionalSabotage
BusinessAdvantage
Threat Motivations from Insider
EC-Council
Popular Open-SourceThreat Intelligence Platforms
Certified
IAThreat Intelligence Analyst
C T
Talos Intelligence
Safe Browsing
InfraGard Portal
Spamhaus
VirusShare Malware Repository
Ransomware Tracker
VirusTotal
Login Anomalies
Increase in databaseread volume
Huge HTML response
Identifying web traffic
Mobile setting changes
Certified
IAThreat Intelligence Analyst
C TIndicators of Compromise (IOCs)to Watch Out For
Blog
READ MORE
DO YOU KNOW WHAT IOT FORENSICS IS AND HOW IT
With the introduction of the Internet of Things (IoT)...
Blog
READ MORE
5 SKILLS YOU NEED TO BECOME A CYBER FORENSICS EXPERT
Does the word “investigation” give you goosebumps?...
5 OF THE HIGHEST- PAYINGCOMPUTER FORENSICS JOBS
Job Title Avg. Salary(PayScale)
Jobs Available Worldwide (LinkedIn)
Forensic Engineer
CybersecurityAnalyst
ForensicAccountant
Forensic ComputerAnalyst
Information SecuritySpecialist
$85,825 / year
$76,626 / year
$69,202 / year
$74,388 / year
$76,846 / year
78,054
10,527
4,098
3,286
2,022
*Updated numbers as of February 2021.6 ANTI-FORENSIC TECHNIQUES THAT CYBER
INVESTIGATORS FEARENCRYPTION ENCRYPTION
1
2
3
4
5
6
The data is converted into an unreadable format (“encrypted data” or “ciphertext”) using a pair of keys.
STEGANOGRAPHY The act of concealing data in plain sight.
TUNNELINGThis method uses encapsulation to allow private communications to be exchanged over a public network.
ONION ROUTING The process of sending messages which are encrypted in layers, denoting layers of an onion, is referred to as onion routing.
OBFUSCATION A technique that makes a message difficult to understand because of its ambiguous language is known as obfuscation.
SPOOFING The act of disguising communication to gain access to unauthorized systems or data.
How to become a Digital Forensics Investigator
READ MORE
Infographics
How to become a Digital Forensics Investigator
READ MORE
Infographics
Brought to You by EC-Council
News from around the world
News
News
CISO MAG Interviews
Interviews
Don’t be afraid to ask about opportunities; fortune favors the bold
READ MORE
Interviews
Empowering Marginalized Voices in a Digital World
READ MORE
Interviews
Never let anyone have you think that you cannot achieve something because you are a woman
READ MORE
Interviews
I personally believe girls are naturally blessed analysts and can make great research scholars
READ MORE
HOW PENETRATION TESTING CERTIFICATION CAN BOOST YOUR CAREER AS AN IT PROFESSIONAL
The last five years have seen an exponential rise...
READ MORE
Blog
HOW TO SECURE YOUR CONTAINERS: A CLOSER LOOK AT DOCKER AND KUBERNETES
Containers technology is currently trending in the...
READ MORE
Whitepaper
Network Defenders
Penetration Tester
Ethical Hackers
Blog Blog Blog
READ MORE
IT/network administration has always been...
READ MORE
The internet and wireless connectivity have so much...
READ MORE
Remote work is a risky affair. While it has proven...
Blockchain Professionals
Blog
Blog
READ MORE
READ MORE
INTRODUCTION TO ETHICAL HACKING AND PENETRATION TESTING
PRETEXTING IN CYBERSECURITY: WHY THIS SOCIAL ENGINEERING THREAT IS DANGEROUS
The demand for ethical hackers has grown in the last few years...
Social engineering attacks have increased as circumstances have changed...
Slideshare
READ MORE
Certified Ethical Hacker CEH v11
READ MORE
Cybersecurity experts discovered a cyber espionage campaign targeting telecom...
Operation Diànxùn: Chinese Cyber Espionage Campaign Targeting
5G Operators
News
READ MORE
The FBI is warning users and organizations about the Mamba ransomware...
Mamba Ransomware is Weaponizing DiskCryptor: FBI
READ MORE
As a country with the second-largest population and the third-largest economy...
Indian Transport Sector on Hackers’ Radar; CERT-In Warns
News
The Pandemic-hit World Witnessed a 150% Growth of Ransomware
News
READ MORE
Instagram is currently hands-down one of the most popular...
Wait! Read This Before You Post a Story on Instagram
News
READ MORE
WhatsApp has been feeling the heat of governments...
WhatsApp Trialing Encrypted Chat Backups?
READ MORE
Is Google reCAPTCHA Really Secure?
Several cybersecurity experts have reported an increase...
iOS Call Recording App Allowed Snooping-in on Users Conversations
Researchers found a security vulnerability in the iOS...
News News
READ MORE READ MORE
News
Security experts uncovered a new kind of phishing campaign in which threat...
NimzaLoader: Malware Written in Rare Programming Language
READ MORE
Based on an IBM security report, India had recently gained...
Smart City Project in India Receives a Ransomware Jolt
News
READ MORE
9 SECURITY RISKS THAT WEB APPLICATION PENETRATION TESTING CAN FIX
Website penetration testing is the most secure...
WHY KNOWLEDGE OF NMAP IS IMPORTANT TO LAND GOOD PENETRATION TESTING JOBS
Penetration testing is one of the most popular career...
READ MOREREAD MORE
Blog Blog
WHY CPENT IS THE MOST COMPREHENSIVE PENETRATION TESTING CERTIFICATION PROGRAM
If there is one practice that businesses have started...
3 MISTAKES YOU SHOULD AVOID WHILE CREATING A PENETRATION TESTING REPORT
In a world where cybersecurity threats are looming...
READ MOREREAD MORE
Blog Blog
5 REASONS WHY AN IT/NETWORK ADMINISTRATOR SHOULD THINK BEYOND MCSE
3 ADVANTAGES A NETWORK DEFENDER HAS OVER A NETWORK ADMIN
5 NETWORK SECURITY BASICS FOR A SAFE REMOTE WORK CULTURE IN 2021
BEST PLATFORMS TO LEARN THE BASICS OF HACKING AND PENETRATION TESTING
READ MORE
Cybersecurity has emerged as one of the...
5 TIPS TO SELECT THE BEST ETHICAL HACKING TOOLS
READ MORE
Ethical hacking has become a popular career...
CYBERSECURITY THREATS: WHAT ARE DDOS ATTACKS AND HOW CAN YOU AVOID THEM?
READ MORE
Cybersecurity threats have become more...
Blog
Irene Corpuz
Co-founder of the Women in Cyber Secu-rity Middle East (WiCSME)
WATCH NOW
Why Risk Management Techniques Are Important in Ethical Hacking
Webinar
4 REASONS WHY DESIGNERS NEED BLOCKCHAIN AND FAST
In the last few years, the blockchain industry has been...
READ MORE
5 SKILLS THAT YOU NEED TO BECOME A BLOCKCHAIN DEVELOPER
Blockchain technology is gradually revolutionizing...
READ MORE
Blog
Blog
HYPERLEDGER VS ETHEREUM – WHICH BLOCKCHAIN PLATFORM IS GOOD FOR YOUR BUSINESS?
Blockchain is a revolutionary concept developed...
TOP 4 BLOCKCHAIN RISKS A CIO SHOULD KNOW
Enterprises in every sector are trying to adopt blockchain...
READ MOREREAD MORE
Blog Blog
DESIGNING FOR BLOCKCHAIN: THE 5 PRINCIPLES YOU NEED TO KNOW
Blockchain is now regarded as serious stuff...
TOP 5 ENTERPRISE BLOCKCHAIN PROTOCOLS YOU NEED TO KNOW
Blockchain technology has reached a milestone...
READ MOREREAD MORE
Blog Blog
HOW BLOCKCHAIN MAKES IOT MORE SECURE
IoT technology is increasingly connecting multiple...
WHAT ARE FORKS AND COORDINATION IN BLOCKCHAIN?
Blockchain is a continuously developing technology...
READ MOREREAD MORE
LEARN MORE
An openhanded tuition assistance for students pursuing a Bachelor of Science in Cyber Security (BSCS) or a Master of Science in Cyber Security (MSCS) with a minimum of 3.5 GPA.
EC-Council Foundation Fellowship (ECCFF)
LEARN MORE
A women-oriented program that financially assists female undergraduate and graduate students to complete their education.
President’s Scholarship for Women in Cybersecurity
Whitepaper Whitepaper
ECCU
CodeRed v2: The Experience Keeps Getting Better and Better
Library: Access over 150+ courses based on your preferences.
READ MORE
START YOUR LEARNING JOURNEY NOW!
Pro: Gain unlimited access to our premium courses.
READ MORE
Bundles: Pre-curated bundles created by our expert content team.
Microdegrees: 200+ hours of premium videos and labs.
READ MORE READ MORE
Enhance your learning experience and truly take your career to the next level with our latest features!
